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DETAILED ACTION 



Claim Rejections - 35 USC §112 
Claim 1 recites the limitation "associatively storing an identifier for each of said attributes" in lines 10- 
1 1 on page 25. There is insufficient antecedent basis for this limitation in the claim. 



Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all obviousness rejections set 

forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in section 102 of this 
title, if the differences between the subject matter sought to be patented and the prior art are such that the subject matter as a whole 
would have been obvious at the time the invention was made to a person having ordinary skill in the art to which said subject matter 
pertains. Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-50 are rejected under 35 U.S.C. 103(a) as being unpatentable over Katin et al (5261098) in 
view of RSA Laboratories (PKCS#9 v2.0). 

With respect to Claim 1, the limitation "associatively storing an identifier for each of said attributes" is 
met by Katin on column 6, lines 67-68 and on column 7, hnes 1-2. 

Further limitation of "registering attributes..." is inherently met by Katin on column 1, lines 24-37. In 
this referenced section, it is inherent in the object-oriented programming method that the object be registered 
with a class or an object type family. This is also discussed briefly on column 9, lines 1-7 of Katin. 

Katin however does not disclose registering these attributes with a PKCS9 gateway class. This is . 
however disclosed by RSA Laboratories as shown below. 

The limitation "registering attributes with a PKCS9 gateway class, wherein the attributes include user- 
defined attributes and PKCS-standard (Public Key Cryptography Standards) defined attributes" is met by RSA 
on page 5, section 4.1. 
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It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the teachings of Katin et al because the method steps described are unique 
to a system that would want to register and store an identifier for the purpose of utilizing object oriented 
methods in efficiently storing and classifying data. Katin et al claims on column 2, lines 5-10 that these object- 
oriented methods "improve inter-operability between applications. . since "it is often desirable for the 
applications to be able to invoke each other and /or share objects." This would prove useful in implementing 
these object-oriented methods within a PKCS9 gateway class because this class 'defines a set of attributes that 
can be used in other PKCS standards'. Hence achieving optimal interoperability is the goal of the PKCS9 
gateway class. 

Hence, it would have been obvious to combine the RSA teaching within the system of Katin et al to 
achieve the claimed invention. 

With respect to Claim 2, the limitation "calling a first object-oriented method in the PKCS9 gateway 
class, wherein the first object-oriented method receives a parameter comprising an object identifier for an 
attribute" is met by Katin et al on column 9, lines 36-38. 

With respect to Claim 3, the limitation "searching an attribute mapping data structure using the object 
identifier in the received parameter" is met by Katin on column 9, lines 38-43. 

Further limitation of "in response to a determination of a matching object identifier in the attribute 
mapping data structure, retrieving a class identifier associatively stored with the matching object identifier in 
the attribute mapping data structure; and calling a second object-oriented method in a class identified by the 
retrieved class identifier" is met on column 9, lines 44-56. 
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With respect to Claim 4, the limitation "invoking a first object-oriented method to process an attribute 
object, wherein the first object-oriented method is defined in an abstract class for attribute objects with a 
subclass for undefined attributes and a subclass for defined attributes, wherein the subclass for defined attributes 
is further comprised of a subclass for each PKCS-defined (Public Key Cryptography Standards) attribute and a 
subclass for each user-defined attribute" is met by Katin et al on column 9, lines 1-14 and on column 3, lines 
13-20. 

Further limitation of "invoking a second object-oriented method to process an attribute object, wherein 
the second object-oriented method is defined in a PKCS9 gateway class" is met by Katin et al on column 9, 
lines 36-38. 

The limitation "in response to invoking the first object-oriented method or the second object-oriented 
method, processing the result returned by the first object-oriented method or the second object-oriented 
method" is met on by Katin et al on column 9, lines 51-56. 

Katin however does not meet the limitation of a PKCS defined attributes. This is however disclosed by 
RSA on page 8, section 5.2.2, last two paragraphs. 

The reason for obviousness has already been disclosed in Claim 1 . 



With respect to Claim 5, all the limitation is met by Katin et al except the limitation disclosed below. 

The limitation "where a PKCS compatible attribute is a unique object identifier and value, as defined by 
the Abstract Syntax Notation (ASN. 1) for the X.500 Attribute type" is met by RSA on pages 5 and 6, sections 
4.1 and 4.2. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because the coupling of a unique object 
identifier with some value is a very necessary step when it comes to object-oriented methods of initializing an 
object. 
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With respect to Claim 6, all the limitations is met by Katin et al except that disclosed below. 
The Umitation "wherein each defined attribute is implemented as a separate class" is met by RS A on 
page 6, section 4.2. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because the implementation of a different class 
for each defined attribute allows the attribute object identifier to be mapped to an implementing class when 
instantiated. 

With respect to Claim 7, all the limitation is met by Katin et al except that disclosed below. 

The limitation "wherein each defined attribute is registered with the PKCS9 gateway class" is met by 
RSA on page 8, section 5.2.2. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because PKCS9 gateway class is a class that 
defines a set of attributes that can be used in other PKCS standards. Hence achieving optimal interoperability 
necessary for the PKCS9 gateway class and an highly efficient way of doing so is by implementing object- 
oriented methods. 

With respect to Claim 8, its limitation is similar to Claim 7 limitation and hence its rejection can be 
found therein. 

With respect to Claim 9, all the limitation is met by Katin et al except the limitation disclosed below. 
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The limitation ''wherein the user-defined attributes are registered with the PKCS9 gateway class by 
reading a configuration file when the PKCS9 gateway class is initially loaded" is met inherently by RSA on 
pages 5 and 6, in sections 4. 1 and 4.2. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because these are the general steps taken to 
register user-defined attributes in PKCS9 gateway class. 

With respect to Claim 10, the limitation "wherein the second object-oriented method determines a type 
of the attribute object by performing an instanceof comparison to registered attributes" is met by Katin et al on 
column 9, lines 1-17. 

With respect to Claim 1 1, all the limitation is met by Katin et al except the Hmitation disclosed below. 

The limitation "wherein the attribute object is constructed using a constructor method in a class 
associated with a PKCS-compatible attribute" is met by RSA on page 4, section 3, second paragraph. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because these are the basic steps when defining 
and initializing an object belonging to a class. 

With respect to Claim 12, all the limitation is met by Katin et al except the limitation dislosed below. 

The limitation "wherein in response to determining an object identifier and a value associated with the 
object identifier and determining the object identifier is registered with the PKCS9 gateway class, the PKCS9 
gateway class returns an instance of a registered attribute" is met by RSA on page 7, section 5.2.1. 
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It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because these are the basic steps when defining 
and initializing an object belonging to a class. 

With respect to Claim 13, the limitation "wherein in response to determining a DER-encoded byte 
stream with an object identifier, the second object-oriented method in the PKCS9 gateway class returns an 
instance of a PKCS-compatible attribute" is met by Katin on column 9, Unes 44-56. 

With respect to Claim 14, the limitation "in response to determining the object identifier from the 
DER-encoded byte stream is not registered with the PKCS9 gateway class, an instance of an undefined attribute 
is returned with the value being a DER-encoded byte stream" is met by Katin et al on column 9, lines 38-43. 

With respect to Claim 15, the Umitation ", in response to determining the object identifier from the 
DER-encoded byte stream is registered with the PKCS9 gateway class, an instance of an attribute with the 
object identifier is returned" is met by Katin et al on column 9, lines 38-43. 

With respect to Claim 16, all the limitation is met by Katin et al except the limitation dislosed below. 

The limitation "wherein a registered attribute object is encoded to a DER-encoded byte stream by using 
the first object-oriented method for encoding the attribute object" is met by RSA on page 28, section B.3.1. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because these are the basic steps when defining 
and initializing an object belonging to a class. 



With respect to Claim 17, all the Hmitation is met by Katin et al except the limitation dislosed below. 
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The limitation "wherein a registered attribute object represented as a DER-encoded byte stream is 
decoded to an attribute object by using the second object-oriented method for decoding the attribute object" is 
the reverse of Claim 16 limitation and hence its rejection is contained in Claim 16 rejection. 

With respect to Claim 18, all the limitation is met by Katin et al except the limitation dislosed below. 

The Hmitation "wherein a second object-oriented method in the PKCS9 gateway class extracts attribute 
values into forms, wherein the forms are strings, numbers, and/or other non-abstract data types" is met by 
RSA on page 29, section B.3.3. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because extracting the value entered by the 
user/system into a string or etc. is a basic step in initializing an object. 

With respect to Claim 19, its limitation is similar to Claim 1 and hence its rejection is contained in 
Claim 1 rejection. 

With respect to Claim 20, its limitation is similar to Claim 2 and hence its rejection is contained in 
Claim 2 rejection. 

With respect to Claim 21, its limitation is similar to Claim 3 and hence its rejection is contained in 
Claim 3 rejection. 

With respect to Claim 22, the limitation "first constructing means for constructing a new instance of an 
attribute object" is met by Katin on column 2, lines 37-54. 
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Further limitation of "first differentiating means for differentiating between attribute objects of different 
types" is met by Katin on column 2, lines 55-61. 

Futher limitation of "first extracting means for extracting values associated with an attribute object" is 
met by Katin on column 3, lines 4-12. 

Further limitation of "extending means for extending a set of attributes with user-defined types" is met 
by Katin on column 3, lines 13-17. 

Katin et al however does not disclose registering an attribute in PKCS9 gateway class nor does he 
discuss DER-encoding. This is met by RSA. 

The limitation "converting means for converting an instance of an attribute object to and/or from 
DER-encoding" is met by RSA on page 28, section B.3.L 

Further limitation of "first registering means for registering an attribute class with a PKCS9 gateway 
class" is met by RSA on page 5, section 4.1. 

It would have been obvious to combine the teachings of RSA within the system of Katin et al because 
registering an attribute in PKCS9 gateway class improves interoperability of the applications involved as 
explained in Claim 1 rejection. 

With respect to Claim 23 and 39, its limitation is similar to Claim 5 and hence its rejection is contained 
in Claim 5 rejection. 

With respect to Claim 24 the limitation is similar to the first paragraph of Claim 4 and hence its rejection 
is can be found within Claim 4, first paragraph rejection. 

With respect to Claim 25, the limitation "second constructing means for constructing wherein a new 
instance of an attribute object using a class constructor" is met by Katin et al on column 9, lines 44-56. 
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With respect to Claim 26, the Umitation "third constructing means for constructing a new instance of a 
PKCS-compatible attribute object is constructed using the PKCS9 gateway class if an attribute object identifier 
and a class implementing that attribute are registered" is met by Katin et al on column 10, lines 3-10. 



With respect to Claim 27, all the limitation is met by Katin et al except the limitation disclosed below. 
The limitation "fourth constructing means for constructing a new instance of a PKCS-compatible attribute 
object using the PKCS9 gateway class based on a DER-encoded byte stream" is met by RS A on page 28, 
sections B.3.1 and on B.3.3. 

It would have been obvious to one of ordinary skill in the art because DER encoding is a useful means 
of encoding an ASN. 1 value as an octet string. Hence since this works hand in hand with ASN. 1, which is an 
OSI method of specifying abstract objects, this would be a useful way to encode the byte stream. 



With respect to Claim 28, the limitation "second differentiating means for differentiating a type for an 
attribute object determined by performing an instanceof comparison to registered attribute classes" is met by 
Katin et al on column 9, lines 1-17. 



With respect to Claim 29, all the limitation is met by Katin et al except the limitation described below. 
The limitation "encoding means for encoding an attribute object to a DER-encoded object by using an encode 
method of the attribute object" is met by RSA on page 28, section B.3.1 . 

It would have been obvious to one of ordinary skill in the art because DER encoding is a useful means 
of encoding an ASN. 1 value as an octet string. Hence since this works hand in hand with ASN. 1 , which is an 
OSI method of specifying abstract objects, this would be a useful way to encode the byte stream. 
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With respect to Claim 30, the limitation "decoding means for decoding an attribute object represented as 
a DER-encoded string to an attribute object by using a decode method of the attribute object" is the reverse of 
Claim 29 and hence Claim 29 rejection stands. 



With respect to Claim 31, all the limitation is met by Katin et al except the limitation disclosed below. 
The limitation "second extracting means for extracting the PKCS9 gateway class returns attribute values, 
wherein the values are represented as strings, numbers, and/or other non-abstract data types" is met by RSA on 
page 29, section 3.3. 

It would have been obvious to one of ordinary skill in the art at the time the invention was made to 
combine the teachings of RSA within the system of Katin et al because extracting the value entered by the 
user/system into a string or etc. is a basic and necessary step in initializing an object. 



With respect to Claim 32 and 33, all the limitation is met by Katin et al except the limitation disclosed 

below. 

The limitation "second/third registering means for registering a PKCS -compatible attribute is registered 
with the PKCS9 gateway class" is met by RSA on page 5, section 4. 1 . 

It would have been obvious to combine the teachings of RSA within the system of Katin et al because 
registering an attribute in PKCS9 gateway class improves interoperability of the applications involved as 
explained in Claim 1 rejection. 

With respect to Claim 34, its Hmitation is similar to Claim 9 limitation and hence its rejection can be 
found in Claim 9 rejection. 

With respect to Claim 35, its limitation is similar to Claim 1 limitation and hence its rejection can be 
found therein. 

With respect to Claim 36, its Hmitation is similar to Claim 2 limitation and hence its rejection can be 
found therein. 
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With respect to Claim 37, its limitation is similar to Claim 3 limitation and hence its rejection can be 
found therein. 

With respect to Claim 38, its limitation is similar to Claim 22 limitation and hence its rejection can be 
found therein. 

With respect to Claim 39, its limitation is similar to Claim 23 limitation and hence its rejection can be 
found therein. 

With respect to Claim 40, its limitation is similar to Claim 24 limitation and hence its rejection can be 
found therein. 

With respect to Claim 41, its hmitation is similar to Claim 25 limitation and hence its rejection can be 
found therein. 

With respect to Claim 42, its limitation is similar to Claim 26 limitation and hence its rejection can be 
found therein. 

With respect to Claim 43, its limitation is similar to Claim 27 limitation and hence its rejection can be 
found therein. 

With respect to Claim 44, its limitation is similar to Claim 28 hmitation and hence its rejection can be 
found therein. 

With respect to Claim 45, its limitation is similar to Claim 29 limitation and hence its rejection can be 
found therein. 

With respect to Claim 46, its limitation is similar to Claim 30 limitation and hence its rejection can be 
found therein. 

With respect to Claim 47, its limitation is similar to Claim 31 hmitation and hence its rejection can be 
found therein. 

With respect to Claim 48, its limitation is similar to Claim 32 hmitation and hence its rejection can be 
found therein. 

With respect to Claim 49, its limitation is similar to Claim33 limitation and hence its rejection can be 
found therein. 

With respect to Claim 50, its limitation is similar to Claim 9 limitation and hence its rejection can be 
found therein. 
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Any inquiry concerning this communication or earlier communications from the examiner should be 
directed to Tracey Akpati whose telephone number is 703-305-7820. The examiner can normally be reached on 
8.30am-6.00pm. 

If attempts to reach the examiner by telephone are unsuccessflil, the examiner's supervisor, Kim Vu can 
be reached on 703-305-4393. The fax phone numbers for the organization where this application or proceeding 
is assigned are 703-746-7240 for regular communications and 703-746-7238 for After Final communications. 

Any inquiry of a general nature or relating to the status of this application or proceeding should be 
directed to the receptionist whose telephone number is 703-305-3900. 



OTA 

January 20, 2004 




